Tencent Cloud Infinite (CI) verifies the validity of requests through signatures. Developers grant a signature to the client to allow it to upload, download, and manage specific resources.
With CI, an anonymous HTTP request or signed HTTP request can be made by using the RESTful API. For a signature request, the server will authenticate the initiator.
Cloud Infinite uses the same signature algorithm as Cloud Object Storage (COS) on which it is based. It performs authentication using a custom scheme based on HMAC (Hash Message Authentication Code).
There are XML and JSON signatures:
<BucketName-APPID>.<picture region>.myqcloud.com/<picture name>, for example,
<BucketName-APPID>.pic.<Region>.myqcloud.com, for example
|Processing during data downloading||Hotlink protection is disabled||No signature verification|
|Hotlink protection is enabled||JSON signature|
|Processing during data uploading||Persistence processing||XML signature|
|Bucket API operations||Query, enable, delete, and others||XML signature|
|Content recognition||Detect content related to pornography, politics, violence, and terrorism||XML signature|
The information that is required for generating a signature includes the APPID (such as 1250000000), bucket name (such as examplebucket-ci), and SecretID and SecretKey of the project.
The preceding information can be obtained as follows:
CI follows the same process for computing a signature as COS.
Signed HTTP requests initiated through RESTful APIs can pass signatures in the following ways:
In the preceding example,
...is used to substitute the specific signing information.